Virtual Servers

Overview

A Virtual Machine (VM) is a guest server hosted on a VM host. The ACCC VM service includes maintenance of the physical environment such as power, cooling, physical security and networking, system monitoring, patches and upgrades, backups, business continuity and disaster recovery, and performance tuning.

Features

Common uses of virtual servers include web servers, file servers, database servers and custom or commercial application servers. ACCC provides the following for each virtual server:

Reliable disk. Virtual servers are hosted on a RAID 5 storage area network (SAN), and mirrored across campus.

Backups. We use our Backups (ADSM) service and Commvault to do an image backup of the virtual server. The mirrored RAID is extremely reliable, but if you delete or corrupt some files, they are also damaged on the disk copy, and you need alternate backup.

Business continuity. We can move the virtual server to spare hardware, across campus if needed, if either the server or networking has trouble.

Operating system updates. We'll upgrade the operating system, and some of the common applications, as needed.

Security patches​. Patches for basic software.

Networking and local networking. High bandwidth connection to campus backbone for peak loads. We can make the virtual server appear to be on departmental local area network (LAN), behind a firewall.

Secure connection API. Windows uses the Windows/Kerberos authentication scheme, in conjunction with Active Directory, so you use your ACCC Common Password. Linux can also use Kerberos and Active Directory, and can make files appear as a Windows file share. Or you can use SSH/SCP for login and file transfer. Your passwords never actually pass to the virtual server itself, for extra security.

Bluestem or Shibboleth. We'll add mod_bluestem or mod_shibboleth to Apache. Many applications can use REMOTE_USER, as populated by Bluestem, for authentication. So this may well be useful beyond just protecting static files. Certainly useful for any CGI scripts you write. Bluestem requires SSL, so you will need an SSL certificate.

Requirements

Applicability

Departmental Responsibilities

Application support and maintenance. We're providing the (virtual) server, and some support depending on the support level. You must handle the rest of the application take of application configuration, upgrades, content, and all the non-routine things we provide.

Support of any application users. If any user has trouble with your applications, you must be the go-to person. ACCC cannot maintain expertise on every application.

Backup arrangements. ACCC provides network backup service automatically, but the department must make arrangements for anything more complicated, such any local database backups. We'll help set this up, but some backups or log file rotations can require a small amount of custom scripting. If you are backing up anything other than static files, ask us. Let's make sure it works before you need a real restore.

Interaction with ACCC to make requirements known, agree on upgrade schedules, etc. We're reasonably flexible, but we need to work together for some maintenance aspects.

Interaction with any third-party vendors, including installation and maintenance of third-party apps. If you are installing a third-party application, that part is up to you. But do ask us first, there might be some aspects of the system configuration or networking that we can do really easily for you, and help out in this process.

Limitations

Appropriate Use. The virtual servers are for use by the UIC community. They are not for use by outside parties, except where UIC has legitimate collaborations with outside parties. They are not for personal commercial use.

Appropriate Network Use. Just like with a server physically in a department, you can't abuse the network, you must keep appropriate logs, and so on.

Appropriate Hardware Use. Please do not setup a MySQL or MSSQL database server on your VM, it will adversely affect the SAN by consuming an abnormal amount of IOPS. We have database services available for use.

Shell accounts for UIC NetIDs only. If an outsider really needs shell access (common for outside vendors during and install, or for outside web designers), we'll give them a UIC NetID, as we do now.

Security

Linux virtual servers: Root access with sudo, maintain security patches for your applications, good practices with security configurations, logs, firewalls, and so on. We'll help with some of this initially (and we'll apply any OS security patches for you), but you are still responsible for the security aspects of your applications. In particular, if your VM is compromised, we have to take it down. Of course, fixing it will be a lot easier with the disk snapshot and tape backup we provide, but you will have to be involved in fixing any application issues.

Windows virtual servers: You'll have administrator access and a managed Symantec Endpoint Protection client installed on your VM. Your virtual server will be joined to Active Directory and placed in our Hosted Servers OU (which you will be delegated full control).

Support Options

Hosted Operating System:

Support for:

Service Fee:

Microsoft Windows Server

Software included in the base image as defined in the service catalog.

No Charge

Microsoft Windows Server

Database connectivity to ACCC hosted servers.

No Charge

Microsoft Windows Server

System Restore required as a result of ACCC action.

No Charge

Microsoft Windows Server

System Restore required as a result of a customer action.

Charge at standard rate as defined in the service catalog.

Hosted Operating System:

Support for:

Service Fee:

Linux

Software included in the base image.

No Charge

Linux

Assistance with configuration of operating system and base image components.

No Charge

Linux

Database connectivity to ACCC hosted servers.

No Charge

Linux

System Restore required due to ACCC fault.

No Charge

Linux

System Restore required due to Customer fault.

Charge

Linux

Other applications needed by the college or department.

Charge

Cost

All prices include 30 GB disk space. Additional storage is available for $0.10 per gigabyte per month plus $0.10 per gigabyte per month for backup.